<?php
function parse_signed_request($signed_request, $secret) {
  list($encoded_sig, $payload) = explode('.', $signed_request, 2); 

  // decode the data
  $sig = base64_url_decode($encoded_sig);
  $data = json_decode(base64_url_decode($payload), true);

  if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
    error_log('Unknown algorithm. Expected HMAC-SHA256');
    return null;
  }

  // check sig
  $expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
  if ($sig !== $expected_sig) {
    error_log('Bad Signed JSON signature!');
    return null;
  }

  return $data;
}

function base64_url_decode($input) {
  return base64_decode(strtr($input, '-_', '+/'));
}

$config['secret_key'] = "80824decb4731af008ef5888d2549b70" ;
$data         =   parse_signed_request($_REQUEST['signed_request'], $config['secret_key']);
$fbUserId   =   $data['user_id'];

$con=mysqli_connect("192.168.0.170","adminmanzana","manzana-gt-2013","reciclatumanzana");

if (mysqli_connect_errno())
{
    echo "Failed to connect to MySQL: " . mysqli_connect_error();
}

mysqli_query($con,"UPDATE users SET state=0 WHERE facebook=".$fbUserId);

mysqli_close($con);
?>